PHPackages                             torchlighttechnology/api-security-plugin - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [API Development](/categories/api)
4. /
5. torchlighttechnology/api-security-plugin

ActiveCakephp-plugin[API Development](/categories/api)

torchlighttechnology/api-security-plugin
========================================

ApiGateway plugin for CakePHP

v2.1(4y ago)05.8kMITPHPCI failing

Since May 14Pushed 4y ago3 watchersCompare

[ Source](https://github.com/Torchlight-Technology/api-security-plugin)[ Packagist](https://packagist.org/packages/torchlighttechnology/api-security-plugin)[ RSS](/packages/torchlighttechnology-api-security-plugin/feed)WikiDiscussions master Synced 2w ago

READMEChangelog (10)Dependencies (3)Versions (16)Used By (0)

ApiGateway plugin for CakePHP
=============================

[](#apigateway-plugin-for-cakephp)

Description
-----------

[](#description)

This CakePHP 3 plugin allows the user to specify which controller/methods are used as API endpoints through a basic UI, and enforce AWS APIGateway request parameters. For the endpoints which are specified, the plugin checks for the 'x-api-key' header in the request and verifies the value is an enabled API Key in your AWS APIGateway account. Invalid requests result in a Cake\\Controller\\Exception\\AuthSecurityException being thrown.

Installation
------------

[](#installation)

You can install this plugin into your CakePHP application using [composer](http://getcomposer.org).

The recommended way to install composer packages is:

```
composer require torchlighttechnology/api-security-plugin

```

Configuration
-------------

[](#configuration)

Load the plugin in the host app's config/bootstrap.php file:

```
Plugin::load('ApiGateway', ['bootstrap' => true, 'routes' => true]);

```

Add the namespace into the host app's composer.json file, in the autoload-dev section:

```
"ApiGateway\\Test\\": "vendor/torchlighttechnology/api-security-plugin/tests/"

```

Add the AwsAuthenticator Component in the host app's src/Controller/AppController.php:

```
public function initialize()
{
        parent::initialize();

        $this->loadComponent('ApiGateway.AwsAuthenticator');
}

```

Run the ApiGateway migrations:

```
bin/cake migrations migrate -p ApiGateway

```

### Environment variables

[](#environment-variables)

ApiGateway plugin uses the AWS API to retrieve the valid AWS API Gateway keys, and it uses Redis for caching method names and API calls. The plugin relies on environment variables to make the connection to Redis and AWS. The AWS environment variables you need to set are:

```
ASSUME_ROLE_ARN

```

The Redis environment variables you need to set are:

```
REDIS_SERVER

```

The default value for REDIS\_SERVER is localhost. If you don't want to use Redis you can use File caching by setting REDIS\_ENGINE env variable to 'File' (REDIS\_SERVER var will then be ignored).

Setup
-----

[](#setup)

Once you have properly configured the plugin, navigate to . Click on 'Configure End Points'. You should see a list of controller names with their method names as checkboxes. Select the methods that you want the plugin to protect. There is also a Clear AWS API Cache button. This will invalidate the Redis cache, and on the next call to a protected endpoint, it will refresh with the latest API Keys from AWS APIGateway.

###  Health Score

33

—

LowBetter than 72% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity17

Limited adoption so far

Community13

Small or concentrated contributor base

Maturity71

Established project with proven stability

 Bus Factor1

Top contributor holds 78.3% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~135 days

Recently: every ~369 days

Total

12

Last Release

1476d ago

Major Versions

v1.3 → v2.02022-06-06

### Community

Maintainers

![](https://www.gravatar.com/avatar/b34c8cf0202a169795242cbf2a7b55588a2ced7942cc7462a3c76a816de8ce6a?d=identicon)[\_waffles](/maintainers/_waffles)

---

Top Contributors

[![guyandy](https://avatars.githubusercontent.com/u/18150451?v=4)](https://github.com/guyandy "guyandy (18 commits)")[![gitcarl](https://avatars.githubusercontent.com/u/19785654?v=4)](https://github.com/gitcarl "gitcarl (2 commits)")[![perichin](https://avatars.githubusercontent.com/u/9864237?v=4)](https://github.com/perichin "perichin (2 commits)")[![stevewaffles](https://avatars.githubusercontent.com/u/2625357?v=4)](https://github.com/stevewaffles "stevewaffles (1 commits)")

###  Code Quality

TestsPHPUnit

### Embed Badge

![Health badge](/badges/torchlighttechnology-api-security-plugin/health.svg)

```
[![Health](https://phpackages.com/badges/torchlighttechnology-api-security-plugin/health.svg)](https://phpackages.com/packages/torchlighttechnology-api-security-plugin)
```

###  Alternatives

[cakephp/bake

Bake plugin for CakePHP

11212.0M194](/packages/cakephp-bake)[dereuromark/cakephp-queue

The Queue plugin for CakePHP provides deferred task execution.

308954.9k25](/packages/dereuromark-cakephp-queue)[dereuromark/cakephp-ide-helper

CakePHP IdeHelper Plugin to improve auto-completion

1882.3M41](/packages/dereuromark-cakephp-ide-helper)[keboola/storage-api-client

Keboola Storage API PHP Client

10405.9k37](/packages/keboola-storage-api-client)[pressbooks/pressbooks

Pressbooks is an open source book publishing tool built on a WordPress multisite platform. Pressbooks outputs books in multiple formats, including PDF, EPUB, web, and a variety of XML flavours, using a theming/templating system, driven by CSS.

45444.2k1](/packages/pressbooks-pressbooks)[dereuromark/cakephp-tinyauth

A CakePHP plugin to handle user authentication and authorization the easy way.

131240.2k13](/packages/dereuromark-cakephp-tinyauth)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
